The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" ...

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

FrostyNeighbor, a long-running cyberespionage actor apparently aligned with the interests of Belarus, has been active recently in campaigns targeting governmental organizations in Ukraine.This latest ...

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the security risks of hallucinated dependencies.

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Google has released a Chrome 148 update that resolves 79 vulnerabilities, including 14 critical-severity security defects.

Web scraping is a process that extracts massive amounts of data from websites automatically, with a scraper collecting thousands of data points in a matter of seconds. It grabs the Hypertext Markup ...

Data Security Standard (DSS), issued by the PCI Security Standards Council (SSC), which establishes technical and operational requirements to protect cardholder data and promote consistent security ...

Email is already a favorite tactic for many marketers and, according to new research from Ascend2 and RPE Origin, those who are adding artificial intelligence (AI) into the mix are finding it can ...

Chrome 148 was promoted to the stable channel with 127 security fixes, including three for critical-severity vulnerabilities.